All Apps and Add-ons
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

How to get xml data from .pcap and .cap files.

anjambha
Communicator
‎01-16-2018 07:27 AM

Hi..
I am using Splunk Stream app to read pcap files which contains both binary and xml data.
After configuring pcap input, i can see some data in the splunk but not the xml data and i am more interesting in the xml data. Can anyone please help me to get the xml data from pcap files.

Thanks in advance !!

Sample data:

\D4ò\A1\00\00\00\00\00\00\00\00\00\00\FF\FF\00\00\00\00\00\ED\AB=Z'\00\F3\00\00\00\F3\00\00\00\FF\FF\FF\FF\FF\FF\FE\B5\BC9\00E\00\00\E5{1\00\00\80*\84\AC\AC\FF\00\8A\00\8A\00ѕ5
\FF\84\AC\00\8A\00\BB\00\00 EDEBFCEMEGEPFCEDEFCNEEEDDBCACACA\00 EDEBFCEMEGEPFCEDEFCACACACACACABN\00\FFSMB%\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00!\00\00\00\00\00\00\00\00\00\E8\00\00\00\00\00\00\00\00!\00V\00\00\00\00\00\002\00\MAILSLOT\BROWSE\00\00\80\FC
\00CARLFORCE-DC1\00\00\00+\80\00U\AA\00\EE\AB=Z\B6B\00\F3\00\00\00\F3\00\00\00\FF\FF\FF\FF\FF\FF\FE\B5\BC9\00E\00\00\E5{1\00\00\80*\84\AC\AC\FF\00\8A\00\8A\00ъ\C8
\FF\84\AC\00\8A\00\BB\00\00 EDEBFCEMEGEPFCEDEFCNEEEDDBCACACA\00 EDEBFCEMEGEPFCEDEFCACACACACACABN\00\FFSMB%\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00!\00\00\00\00\00\00\00\00\00\E8\00\00\00\00\00\00\00\00!\00V\00\00\00\00\00\002\00\MAILSLOT\BROWSE\00\00\80\FC
<name>Berry-Berry Belgian Waffles</name>
    <price>$8.95</price>
    <description>
    Belgian waffles covered with assorted fresh berries and whipped cream
    </description>
    <calories>900</calories>
\D4ò\A1\00\00\00\00\00\00\00\00\00\00\FF\FF\00\00\00\00\00\ED\AB=Z'\00\F3\00\00\00\F3\00\00\00\FF\FF\FF\FF\FF\FF\FE\B5\BC9\00E\00\00\E5{1\00\00\80*\84\AC\AC\FF\00\8A\00\8A\00ѕ5
\FF\84\AC\00\8A\00\BB\00\00 EDEBFCEMEGEPFCEDEFCNEEEDDBCACACA\00 EDEBFCEMEGEPFCEDEFCACACACACACABN\00\FFSMB%\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00!\00\00\00\00\00\00\00\00\00\E8\00\00\00\00\00\00\00\00!\00V\00\00\00\00\00\002\00\MAILSLOT\BROWSE\00\00\80\FC
\00CARLFORCE-DC1\00\00\00+\80\00U\AA\00\EE\AB=Z\B6B\00\F3\00\00\00\F3\00\00\00\FF\FF\FF\FF\FF\FF\FE\B5\BC9\00E\00\00\E5{1\00\00\80*\84\AC\AC\FF\00\8A\00\8A\00ъ\C8
\FF\84\AC\00\8A\00\BB\00\00 EDEBFCEMEGEPFCEDEFCNEEEDDBCACACA\00 EDEBFCEMEGEPFCEDEFCACACACACACABN\00\FFSMB%\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00!\00\00\00\00\00\00\00\00\00\E8\00\00\00\00\00\00\00\00!\00V\00\00\00\00\00\002\00\MAILSLOT\BROWSE\00\00\80\FC
0 Karma
Reply
Get Updates on the Splunk Community!